Netgate Discussion Forum

    Only allowing United States

    pfBlockerNG
    • W
      wiz561
      last edited by

      I did a reinstall of pfSense and configured pfBlockerNG again.  I'm starting to get memory issues again and I read the warning up on the top about…

      It's also not recommended to block the 'world', instead consider rules to 'Permit' traffic from selected Countries only.
      

      It turns out that I'm doing what pfBlockerNG recommends not doing... and I thought about it and it makes sense.  My question is how do I flip this around so that it's default deny, allow only the United States GeoIPs?

      I think that maybe I just unselect all the countries and choose "permit inbound" and because nothing is selected, it will do a default deny.  Before I do anything though, I was wondering if this is the right way to go about doing this...

      I have a few ports open; ssh, https, etc., so it would be nice to block everything but US.

      Thanks

      • F
        f34rinc
        last edited by

        Yeah you have it correct, unselect all the other countries then put an allow inbound on the North America \ United States.

        Using the 'Advanced Inbound Firewall Rule Settings' will allow you to select what ports will be allowed inbound.

        • W
          wiz561
          last edited by

          @f34rinc:

          Yeah you have it correct, unselect all the other countries then put an allow inbound on the North America \ United States.

          Using the 'Advanced Inbound Firewall Rule Settings' will allow you to select what ports will be allowed inbound.

          Unfortunately, I tried what I did and it doesn't seem to be blocking from other countries.  Is there anything else I have to do?

          • W
            wiz561
            last edited by

            OK, I think I have it.  I had to disable all of the other GeoIP rules and only choose the two United States rules.  I then did a "Deny Inbound", and then chose the "Inverse" in the advanced options.  This seems to be working now.

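One way to see the difference between "Permit Inbound" on the US list and "Deny Inbound" with "Inverse", as an added example that is not part of the thread and not pfBlockerNG's own code: a first-match rule walk, assuming the ssh/https pass rules mentioned in the first post accept any source. The US list here is constructed from documentation ranges, and all names are hypothetical.

```python
import ipaddress

# Constructed stand-in for the pfBlockerNG United States GeoIP list
# (documentation ranges, not real GeoIP data).
US_NETS = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.0/24")]
ANY = None  # a rule field set to ANY matches everything


def in_list(src, nets):
    """True if the source address falls inside any network of the list."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in nets)


def evaluate(rules, src, port):
    """First matching rule wins; unmatched traffic hits the default deny."""
    for action, nets, invert, ports in rules:
        # invert=True models the "Inverse" option: match sources NOT in the list.
        src_hit = True if nets is ANY else (in_list(src, nets) != invert)
        if src_hit and (ports is ANY or port in ports):
            return action
    return "block"


# Assumption: pass rules for the open services (ssh, https) allow any source.
OPEN_PORTS = [("pass", ANY, False, {22, 443})]

# "Permit Inbound" on the US list, placed above the existing pass rules.
PERMIT_US = [("pass", US_NETS, False, ANY)] + OPEN_PORTS

# "Deny Inbound" on the US list with "Inverse", placed above the pass rules.
DENY_NOT_US = [("block", US_NETS, True, ANY)] + OPEN_PORTS

if __name__ == "__main__":
    for name, rules in (("permit US", PERMIT_US), ("deny !US", DENY_NOT_US)):
        # Constructed sources: one inside the sample list, one outside it.
        for src in ("198.51.100.7", "192.0.2.50"):
            print(name, src, "tcp/22 ->", evaluate(rules, src, 22))
```

Under that assumption, a permit rule on its own never rejects anything: a source outside the list simply falls through to the open-port rule, while the inverted deny rule stops it before that rule is reached.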